CVE-2005-4691

medium

Description

imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.

References

http://www.securityfocus.com/bid/15263

http://www.osvdb.org/20731

http://securitytracker.com/id?1015132

http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html

http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html

Details

Source: Mitre, NVD

Published: 2005-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00076